CVE-2024-42140: riscv: kexec: Avoid deadlock in kexec crash path
In the Linux kernel, the following vulnerability has been resolved:
riscv: kexec: Avoid deadlock in kexec crash path
If the kexec crash code is called in the interrupt context, the
machine_kexec_mask_interrupts() function will trigger a deadlock while
trying to acquire the irqdesc spinlock and then deactivate irqchip in
irq_set_irqchip_state() function.
Unlike arm64, riscv only requires irq_eoi handler to complete EOI and
keeping irq_set_irqchip_state() will only leave this possible deadlock
without any use. So we simply remove it.
Security readout for executives and security teams
Plain-English summary
This is a Linux kernel issue affecting the RISC-V kexec crash path. In specific crash conditions, the kernel can deadlock while handling interrupts, preventing normal crash recovery behavior. The public sources do not show remote exploitability, active exploitation, or a CVSS score.
Executive priority
Handle during normal kernel maintenance unless RISC-V systems support critical recovery, forensics, or high-availability workflows. Escalate priority where failed crash dump collection would materially delay incident response or root-cause analysis.
Technical view
The flaw is in RISC-V kexec crash handling. If crash kexec runs in interrupt context, machine_kexec_mask_interrupts() may deadlock while acquiring the irqdesc spinlock and calling irq_set_irqchip_state(). The upstream fix removes irq_set_irqchip_state() because RISC-V only needs the irq_eoi handler for EOI completion.
Likely exposure
Exposure appears limited to Linux systems running affected RISC-V kernels, particularly systems using kexec, kdump, or crash-kernel workflows. The provided affected version data is incomplete and should be validated against vendor kernel packages and listed stable commits.
Exploitation context
CISA KEV is false in the supplied bundle, and no cited source reports active exploitation. The known impact is a deadlock in crash handling, not a documented remote attack path. Treat it mainly as availability and incident-response reliability risk.
Researcher notes
The key behavior is a locking deadlock in interrupt-context crash kexec. Sources describe the resolution but do not provide CVSS, CWE, exploitation evidence, or complete product packaging details. Avoid broad Linux exposure claims without architecture and vendor-version confirmation.
Mitigation direction
Update affected RISC-V Linux kernels to vendor-fixed builds.
Map deployed kernels against the listed stable commit references.
Check Debian LTS guidance if running Debian-derived kernels.
Prioritize systems relying on kdump or crash recovery.
Monitor kernel vendor advisories for package-specific fixed versions.
Validation and detection
Inventory RISC-V Linux hosts and kernel versions.
Identify whether kexec or kdump is enabled in production.
Compare kernel sources or packages against the stable fix commits.
Review crash recovery logs for kexec or kdump deadlock symptoms.
Confirm vendor advisories mark the installed package fixed.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2024-42140 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.